Chris Field11 July 2020You’ve been SAR-bombed!You are at the end of long day .. you just do one last check of your inbox - the new count registers over 9,000 new emails! All...Read Article Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Read Article Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Read Article DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Read Article Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Read Article Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard09 July 2020Facial Recognition – should we be concerned?Facial recognition is clever, from selfies to surveillance its use is becoming far more widespread. Should we be worried? Read Article Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Read Article DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Read Article Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Read Article Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn30 June 2020Data breaches: 10-point checklist for risk assessmentsHow do you assess the actual risk to people of a data breach? 10 questions you need to ask when carrying out an risk assessment. Read Article DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Read Article Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Read Article Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team30 June 2020Successful steps for data retention and minimisation [webinar recording]Get the tools and advice you need to tackle data retention and minimisation in this expert discussion which takes you through the key steps to take.Read Article Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Read Article Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter25 June 2020Why is the CIA’s lax attitude to cyber security interesting to us?Have you got robust cyber security controls in place? How the lax attitude of the CIA is a lesson to us all and what you should you be doing.Read Article Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard16 June 2020Privacy is a marathon not a sprintPondering how to improve your privacy credentials? Here are 5 steps to inspire you. More than 2 years on from GDPR, remember it’s a journey, not a sprint.Read Article Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn16 June 2020Why personalisation is a good thing, when done well“Hi, you haven’t finished watching Jeffrey Epstein: Filthy Rich”, said an email my husband received .It annoyed him......Read Article Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard08 June 2020Spring clean your data – Top tips on data retentionGet top tips on data retention. Minimise your risks by making sure you keep the personal data you need and rid of what you don't. Read Article Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn03 June 2020GDPR two years on, why data protection mattersGDPR may have its critics and regulators may stand accused of not taking enough action. Why this is not a reason to stop taking data protection seriously.Read Article Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter03 June 2020Why is it so hard to explain how we use personal data?Five ways to help explain complex and contentious uses of personal data. How to improve your communications and transparency.Read Article DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team03 June 2020Data Retention GuidanceA practical toolkit packed with tips, advice and case studies on how to tackle data retention. Developed by a group of data protection and privacy specialists from a...Read Article Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter18 May 2020New Seven Step Ad Tech Guide from DMA and ISBASeven Step Ad Tech Guide - Support for UK businesses engaged in the programmatic digital advertising to ensure they protect the rights of individuals.Read Article Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard14 May 2020COVID 19 – Privacy under the SpotlightPrivacy and COVID-19. When finding quick solutions and taking rapid decisions, don't forget the privacy impact. Here's our quick tour of aspects to consider. Read Article DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team15 April 2020DPIAs – What? When? How? Who? Why? [webinar recording]Data Protection Impact Assessments - learn about when you need to conduct a DPIA and how in this webinar hosted by Bristows LLP. Read Article DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team04 April 2020Where is my data? How to tackle data discovery & mapping [webinar recording]How improve your data discovery, mapping & compliance Understanding where your data is located across all your systems is an ever-evolving challenge, but forms the bedrock of your data...Read Article Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Matt Edgar27 February 20205 ways to clean up your data: WhitepaperThe growth of data and its strategic importance to organisations of all sizes has thrust the issue of data quality into the spotlight. The Global Marketing Alliance has published...Read Article Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard11 February 2020Where’s all my data? How to tackle data discoveryUnderstanding where your data is and what it's used for is crucial. But in practice this is challenging. What approach can you take? Read Article Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn28 January 2020Brexit and EU Data FlowsIf you’ve not yet planned or even considered the data protection impact of Brexit, and specifically data transfers with the European Union, you can breathe a temporary sigh of...Read Article Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn11 December 2019Regulatory Enforcement Action Update Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...Read Article DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team10 December 20192020 Vision – Privacy PredictionsPrivacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...Read Article DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team03 December 2019Data Retention: Are you keeping personal data longer than you need it?Ensuring you don’t store personal data for longer than you require it, is a core data protection principle – one which we all know is both complex and challenging...Read Article DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team24 October 2019Protecting Children’s Privacy Online How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...Read Article Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Debbie McElhill21 October 2019Personal Data Breaches – to notify or not to notify? As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...Read Article Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn18 October 2019Data Breach Class Actions – Has the risk increased? In the run up to ‘GDPR Day’ on 25th May 2018 there were warnings data protection was set to become the new PPI and fears spread of ‘ambulance...Read Article Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn02 October 2019Opt-in for marketing abandoned by RNLIHas opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...Read Article Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Debbie McElhill18 September 2019Personal Data Breaches: Prevention & PlanData Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...Read Article DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team16 September 2019Data Governance – Getting to know your DataData Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...Read Article Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn04 September 2019Brexit No Deal Data Protection GuideNo-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...Read Article Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn23 August 2019Data Sharing 10 TipsMany companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...Read Article DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team22 August 2019Data Innovation & Compliance: Impact ReportData Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...Read Article Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Gemma Johnson22 August 2019DPIA – How to assess projects in an Agile environmentDPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...Read Article Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn14 August 2019GDPR Right of Access – PhD student claims privacy risksCould the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...Read Article Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn09 July 2019GDPR regulatory action so far in the UK and EU (July 2019)GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...Read Article DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team05 July 2019GDPR: Impact Report 2019The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...Read Article Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter21 June 2019Cookies, Consent & Compliance: 10 takeaways from the ICO’s update report into AdTech and RTB10 Takeaways from ICO’s Update Report The ICO has published an Update Report on AdTech and Real Time Bidding (RTB). The clue is in the word “update” in that...Read Article Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn22 May 2019Why GDPR is not a fuss over nothingWe’ve heard the comparison with the millennium bug – the sky didn’t fall in on 25th May… ‘where are these game-changing fines? This is the Y2K bug all over...Read Article Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn21 May 2019‘Performance of a contract’- is this lawful basis being too broadly interpreted?EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...Read Article Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard20 May 2019Getting your Supplier Contracts RightA GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...Read Article Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn18 April 2019Data Protection Awareness & Training – Your Achilles Heel?Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...Read Article Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn02 April 2019Prospects, Leads, Bought-in lists … Don’t forget the right to be informedTransparency, Control and the Right to be Informed Let me take you back a year, to April 2018 – a time when there was a considerable flurry to ensure...Read Article Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard20 March 2019Like Gin and Tonic – Why GDPR and Data Governance were made for each otherWhy GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...Read Article Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter07 March 2019Do Smaller Customer Databases Spell Disaster?10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...Read Article DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team06 March 2019120 Data Protection Officers reveal…Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...Read Article Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn05 March 2019Digital advertising & real-time bidding: Are we on the verge of a seismic shift or not?GDPR put a significant spanner in the world of digital advertising, which disparate parties with different vested interests have been grappling with now for months. How can organisations provide...Read Article Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Gemma Johnson04 March 2019Brexit Data Response PlanWhat Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...Read Article DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team25 January 2019Data Protection Officers: DPO InsightsData Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...Read Article Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn22 January 2019Legitimate Interests: It’s legit, isn’t it?“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...Read Article DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team20 December 2018Data Protection Officer SurveyThis survey closed on 12th February 2019. DOWNLOAD: DPO Survey Results Report Calling all DPOs! This research survey is being conducted to ask DPOs about their experience and to...Read Article DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team17 December 2018Privacy Baubles & Data Tinsel2018 data protection highlights, surprises and amusing moments, in 50 words or less, from our DPN board members and friends. We also have some predictions for the year ahead…...Read Article DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team04 December 2018Data Subject Access Requests – your burning questions answeredThe right of access is nothing new, but GDPR has caused a surge. The sheer volume of requests presents a challenge, as do the more privacy-savvy questions being asked....Read Article Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Stef Elliott21 November 2018“The cookies law is clear – well that takes the biscuit”The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...Read Article Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Gemma Johnson20 November 2018GDPR FAQsData protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...Read Article Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Debbie McElhill19 November 2018Brexit Withdrawal Agreement – Data Protection UpdateAlthough it may be rejected amid the political maelstrom raging around Brexit, there are some key aspects of the draft EU-UK Withdrawal Agreement which concern data protection. What’s encouraging,...Read Article Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Julia Porter18 November 2018Privacy International’s GDPR complaints shine a spotlight on 7 data companiesOn November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...Read Article Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Gemma Johnson23 October 2018GDPR and Children’s Privacy Rights – What brands need to knowAs a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...Read Article Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn22 October 2018GDPR: The Seven Deadly (Data Protection) SinsWe hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...Read Article Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Michael Bond22 October 2018GBBO (read GDPR): No Soggy Bottoms Here!The current season of the hit Channel 4 show The Great British Bake Off has, like previous years, gripped the imagination of the British public, with millions tuning in...Read Article Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Stef Elliott01 October 2018Cookies: GDPR and ePrivacy (video)Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...Read Article Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard25 September 2018Brexit, GDPR and data protection: What happens if the UK becomes a third country?The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...Read Article Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn17 July 201810 GDPR Survival TipsGDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...Read Article Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Jenny Moseley09 July 2018Legitimate Interests: A wasted marketing opportunity?In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...Read Article Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn29 May 2018GDPR: The defence of not relying on Consent begins…I knew there would be confused messages about the GDPR, given the scale and ambition of the legislation. With that in mind, I warned clients the public’s initial understanding...Read Article Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn14 May 2018GDPR Data Protection Impact Assessments Guide – DPIAsData Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...Read Article Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn13 May 2018GDPR: The Right of AccessThe Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...Read Article Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Charles Ping12 May 2018GDPR – Soon it’ll be June. Don’t expect a restWe’re now in the final stretch. Just days to go to “that date”. I’d like to think that regular visitors to the Data Protection Network have all laughed at...Read Article DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team07 April 2018DPN Legitimate Interests Guidance – GDPR (Version 2.0)Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...Read Article Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Robert Howells19 February 2018GDPR compliance: how America is tackling new EU data protection rulesHow U.S. based companies are tackling GDPR compliance and how they can decide which sources of guidance will help not hinder their efforts Whether it is the release of...Read Article Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Robert Bond08 February 2018GDPR and Data Processing AgreementsAny business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...Read Article Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn05 February 2018GDPR: Marketers don’t forget PECR!With time running out everyone is feverishly trying to ensure compliance with the GDPR. But while focusing on the GDPR, are the current rules surrounding electronic marketing communications being...Read Article Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith18 December 2017GDPR and people powerDespite several months until the GDPR implementation articles are already appearing in the press, focussing on the data rights individuals will have. Many of these are inaccurate (I saw...Read Article Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn14 December 2017GDPR – When will we get final guidance on Consent?Rumours are circulating that the final Consent Guidance from the Information Commissioner’s Office may be further delayed, it had been anticipated early in the New Year. This presents an...Read Article Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Karima Saini04 December 2017GDPR Compliance: the EU-US Privacy Shield AdvantagePrivacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...Read Article Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn27 November 2017Legitimate Interests and Direct Marketing“This is so brilliant. It’s like Gardener’s Question Time for GDPR enthusiasts!” When and how might you be able to rely on Legitimate Interests as the lawful basis for...Read Article Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith15 November 2017GDPR and the legacy data dilemmaAre you preparing to roll out new permission statements to collect personal data to a GDPR standard, but wondering what to do about your existing data? Can it be...Read Article Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Debbie McElhill14 November 2017GDPR Privacy Policy GuideA Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...Read Article Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Debbie McElhill02 November 2017GDPR Data Retention Quick GuideThe EU General Data Protection Regulation (GDPR), ushered in stricter requirements regarding how long personal data can be kept. Organisations need to be more considered and disciplined in their...Read Article Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn05 October 2017New UK Data Protection Bill – DPN FactsheetThe UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...Read Article DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team04 October 2017Using Legitimate Interests legitimatelyIn our webinar on 12th September 2017, our panel discussed and took questions on the use of Legitimate Interests as a lawful basis for processing personal data under the...Read Article DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team03 October 2017GDPR Derogations ListThe GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...Read Article Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Karima Saini25 September 2017GDPR 10 Point Checklist for MarketersAll UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...Read Article Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith20 September 2017The ICO – why we need a well-resourced RegulatorWe are all clamouring for advice about the GDPR; why hasn’t the Information Commissioner’s Office provided us with comprehensive guidance on consent, profiling, children’s data, accountability? And, so the...Read Article Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn13 September 2017GDPR and Data Breaches: Are you prepared?GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...Read Article Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard04 September 2017GDPR – Data Processor liability, what’s changing?Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...Read Article Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn03 August 2017UK Data Protection Bill expected after Parliament’s Summer breakAs final ICO guidance on consent gets pushed back to the end of the year and we still await the final text of the proposed ePrivacy Regulation, we can...Read Article Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith25 July 2017GDPR and Consent – Please, give us a clue?Back in March there was a clamour of excitement, with the ICO publishing draft guidance on consent under the forthcoming GDPR. The Regulator also began a consultation, for organisations...Read Article Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard20 July 2017GDPR – Impact on database & marketing platformsHow do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...Read Article DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team11 July 2017How to use Legitimate Interests Legitimately? New GuidanceThe DPN publishes its highly anticipated guidance on Legitimate Interest under the GDPR In the face of tighter rules surrounding consent under the forthcoming GDPR, many organisations are looking...Read Article Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Karima Saini11 July 2017GDPR: 51 ways to get into trouble with the GDPR (and it will cost you millions)Unless you were just rescued from being a castaway on a deserted island for the past two years, you will be aware of the headline grabbing news about how...Read Article DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team05 July 2017Data sharing – how do you tell your customers the benefits? (Video)Data sharing can have positive benefits for consumers. However, little has been done to inform them of the value they might gain when their data is shared. This has...Read Article Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn23 June 2017The UK’s new Data Protection Bill and the GDPR go hand in handIn the Queen’s Speech (outlining the new UK Government’s programme) a new Data Protection Bill has been announced. But don’t think this gets you off the hook with the...Read Article Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn05 June 2017GDPR – Organisations on tenterhooks awaiting regulatory guidanceFor most organisations trying to ensure compliance and manage budgets, guidance on key areas of the GDPR can’t come soon enough. Susan Corless, Client Relationship Manager at TwentyCi says...Read Article DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team30 May 2017GDPR Countdown: Will your marketing be legal?With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...Read Article Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn12 May 2017Direct Marketing Code of Practice – good practice no longer optionalAhead of the forthcoming UK General Election the Digital Economy Act has been passed and it brings with it a fundamental change for Direct Marketing. At present organisations can...Read Article Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn08 May 2017GDPR Individual Rights – how to handle them?Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...Read Article Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn08 May 2017GDPR Legal Grounds for Processing – Consent? Legitimate Interests?Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....Read Article Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith24 April 2017Time to conduct a GDPR Impact Assessment?The GDPR will become a reality on 25 May 2018, but do you really know what it will mean for your business? We are beginning to get a clearer...Read Article Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn24 April 2017Clarity on Consent under the GDPR urgently sought‘Active’ Opt-in is a near certainty – but how can obtaining ‘granular’ consent be achieved in a clear and concise manner? Will there really be no ‘grace’ period after...Read Article Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard21 April 2017Legitimate Interests under the GDPR – guidance coming soonThe use of Legitimate Interests as a legal ground for processing personal data under the EU General Data Protection Regulation poses a number of questions – When might they...Read Article Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn03 March 2017GDPR and Consent – ICO Draft GuidanceThe ICO have finally issued their much anticipated guidance on consent under the EU General Data Protection Regulation. The highlights are that consent will require an opt-in and third...Read Article Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn01 March 2017GDPR Data Governance – demonstrating you take compliance seriouslyWho protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...Read Article DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team01 March 2017GDPR Compliance Ladder – Step up and complyThe changes the EU General Data Protection Regulation (Regulation (EU) 2016/679) ushers in shouldn’t be underestimated. It is a substantial piece of legislation with wide-ranging consequences. Are you ready?...Read Article DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team23 February 2017DPN’s GDPR Compliance LadderThe Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...Read Article DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team23 February 2017What is GDPR?The General Data Protection Regulation (GDPR) came into force across European Union member states on 25 May 2018. The UK Government has confirmed that upon leaving the EU, the...Read Article Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Peter Galdies23 February 2017GDPR Data Security – stricter rules and more specific obligationsThe General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...Read Article Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Simon Blanchard23 February 2017GDPR Profiling – what do you need to tell your customers?What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...Read Article Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn17 January 2017Why direct marketing could face tougher rules ahead of GDPR?The Digital Economy Bill which appears to be quickly making its way through Parliament could have a significant impact on Direct Marketing. The Bill which, among other things, aims...Read Article DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team19 December 20162017 predictions for data protection and compliance2016 was undoubtedly a tumultuous year politically with ramifications in the data protection arena, so what’s on the horizon for 2017? Here are some thoughts from the Data Protection...Read Article Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Sara Howers06 December 2016How GDPR will impact on Data Controller-Processor relationshipsThe current Data Protection Act 1998 puts the legal onus for compliance squarely onto the Data Controller. Data Processors are therefore only obliged to do as they are instructed...Read Article Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Robert Bond10 November 2016GDPR & Supportability of Data PortabilityArticle 20 of the General Data Protection Regulation (Regulation EU 2016/679) (GDPR) gives every data subject “the right to receive the personal data concerning him or her concerning him...Read Article Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn07 November 2016GDPR gets the green light from the UK GovernmentFinally a decision – the UK will adopt the EU General Data Protection Regulation – GDPR – on 25th May 2018. Making the announcement, Secretary of State Karen Bradley...Read Article Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Robert Bond14 October 2016Privacy Notices, transparency and controlA new code for privacy notices: on 7th October the UK Information Commissioner’s Office (ICO) published their new code of practice of communicating privacy information to individuals. The ICO...Read Article DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
DPN Team10 October 2016General Data Protection Regulation – a practical guide for businessesCan we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. We have published...Read Article Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Rosemary Smith13 September 2016GDPR and Brexit – Where next?Since the vote to leave the European Union, Data Protection commentators have been offering their views about what the future of privacy legislation in the UK will look like....Read Article Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn13 July 2016Brexit, GDPR and the FutureTheresa May, the UK’s new Prime Minister, has said it: “Brexit means Brexit.” So does GDPR matter? The short answer is yes… and you shouldn’t shelve your GDPR plans....Read Article Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn01 July 2016GDPR – Key Impacts on Direct MarketingAt the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...Read Article Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn24 June 2016Brexit: What could it mean for Data Protection?The UK has voted to leave the EU, but despite the political drama life isn’t going to change any time soon. Under Article 50 of the 2007 Lisbon Treaty,...Read Article Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Michael Bond20 June 2016All that Glitters is Not Privacy GoldI’m watching the American presidential race with some amusement, or is that bewilderment, as I’m sure most people with half a brain are. Some of the sheer drivel being...Read Article Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn07 June 2016DPOs: Roles, Responsibilities, RequirementsWhat does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...Read Article Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn01 June 2016The GDPR & Consent – 10 Point Quick GuideObtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...Read Article Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Philippa Donn25 May 2016GDPR – Where guidance is needed“We need to await further guidance on …” is the phrase on everyone’s lips in meeting rooms across the UK. The final General Data Protection Regulation text has been...Read Article Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
Chris Field25 April 2016The Role of a Data Protection Officer – Expert AnalysisUnder Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....Read Article
