Since GDPR came into force more than eighteen months ago, data protection authorities across Europe have been taking action and issuing fines against organisations found to be in...
Privacy Predictions for 2020 - what's in store for us next year? The trends, enforcement and organisational imperatives - What do our esteemed DPN Advisory Board believe is in...
How do organisations protect children’s privacy online? What are your legal and ethical responsibilities? In this webinar one of the country’s leading privacy lawyers, Robert Bond from Bristows...
As the dark, creeping realisation dawns that a personal data breach may have occurred, staff who think something has gone wrong are faced with an urgent and important...
Has opt-in suffered a blow? It’s now official that opt-in for all forms of direct marketing has not proven a success for the RNLI, despite earlier reports to the...
Data Breach! Are you ready should the worst happen? We’ve all seen the headlines, data breaches are weekly if not daily news. Regulators across Europe are busy wading through...
Data Governance – the what, why & how? Data Governance has long been recognised as a method of protecting the business, mitigating risk, increasing operational efficiencies and managing customer...
No-deal Brexit – what’s the data protection impact? What steps should organisations take to prepare? This guide aims to cover the key areas organisations should consider, and provide...
Many companies need to share personal data with other organisations. This might be reciprocal or one-way, it could be providing another company’s staff with access to your data for...
Data Innovation: The Challenges, risks & approaches Companies are increasingly being asked to innovate in a smart but more considerate, privacy-friendly manner. The DPN & Global Marketing Alliance and...
DPIAs in an Agile environment More than 50% of organisations have adopted Agile methodologies for technology projects – including those which involve the processing of personal data. Agile methodology...
Could the Right of Access leave consumers open to privacy risks? News that an Oxford University PhD student and cyber security researcher, managed to collect personal data about his...
GDPR Regulatory Action The UK’s data protection regulator has made its first hefty announcements since GDPR became law in 2018. With news British Airways and Marriott could face massive...
The impact of GDPR More than a year on from enforcement day, where are we now with GDPR? The Global Marketing Alliance and the DPN teamed up with global...
EDPB issues draft guidelines on using ‘contract’ as lawful basis for online services Is your collection of personal data and the purposes you use if for really necessary in...
A GUIDE TO CONTROLLER-PROCESSOR CONTRACTS The GDPR sets out strict requirements for when an organisation decides to utilise the services of another company to process personal data. The most...
Data Protection Awareness & Training GDPR has been a driving force for organisations to really get to grips with the protection of personal data. However one of the big...
Why GDPR and Data Governance go hand in hand Like G&T, data governance is not a new concept. It has been recognised for years as a method of protecting...
10 tips for making sure your customer database is match fit GDPR provided a golden opportunity for companies to reduce the size of their databases. It was often surprising...
Data Protection Officer Survey Results One of the most significant impacts of GDPR was that many organisations were required to appoint a Data Protection Officer, and many more chose...
What Does Brexit Mean for Data Flows? Get Your Organisation Ready With March 29th looming and no decision yet on whether the UK will leave the EU without a...
Data Protection Officers – What are the challenges? What areas would DPOs like more guidance on? Do you have what it takes to be a DPO? “GDPR impacted every...
“Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate” UK Information Commissioner’s Office Let’s say you want...
The ePrivacy Regulation was originally planned to come into force simultaneously with the GDPR on 25th May 2018. The delay and the ongoing debate regarding the Regulation, as highlighted...
Data protection legislation is nothing new, but GDPR does enhance the rules, introduce tougher obligations and build on or change previous data protection definitions. Here are some handy answers...
On November 8th, Privacy International (PI) filed complaints under the GDPR with data protection regulators in UK, France and Ireland against data brokers Oracle and Acxiom, credit reference agencies...
As a mother of three children under the age of 12 years old and working in the data protection industry, I have the fortunate position of wearing ‘two-hats’ whilst...
We hear much about good GDPR compliance, and how to meet the seven data protection principles – to be accountable, transparent, lawful and so on. But sometimes, in order...
Cookie notices, splash pages and various consent management platforms are everywhere. If you’re struggling to wade through the mire that is cookie compliance, watch our cookie webinar with Robert...
The impact of Brexit Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no...
GDPR-weariness has flourished after the frenetic preparations in the run-up to 25th May. However, GDPR isn’t about quick fixes and compliance doesn’t stop after the sparkly new privacy notice...
In the run-up to GDPR enforcement day, many thought the only game in town when it came to lawful bases for processing personal data was Consent. It seemed Article...
Data Protection Impact Assessments – Why? When? How? The principle of ‘privacy by design’ is not new but it is embedded within the EU General Data Protection Regulation. At...
The Right of Access – Data Subject Access Requests: how to handle them The right of access is nothing new, but there are some changes ushered in by the...
Updated version of the DPN’s Legitimate Interests Guidance We have updated the Guidance we originally published in July 2017. This new version (published in April 2018) includes several case...
Any business subject to the EU General Data Protection Regulation (GDPR) as a Controller needs to have in place an appropriate contract with any other Controller it jointly shares...
Privacy Shield adherent companies cannot underestimate the rigours required to comply with the GDPR, however they may have less work ahead of them than others. The General Data Protection...
A Guide to Writing Privacy Policies All organisations should review their privacy policies in the light of the EU General Data Protection Regulation (GDPR). At the heart of the...
The EU General Data Protection Regulation (GDPR), which came into force on 25 May 2018, brings in stricter requirements regarding how long personal data may be retained. Organisations will...
The UK Government published a new Data Protection Bill in September 2017, paving the way for a new Data Protection Act which will replace the existing DPA 1998. This...
The GDPR became UK law on 25 May 2018. The regulation contains a number of derogations, where EU member states can exercise a degree of discretion (flexibility) over how...
All UK businesses were required to be compliant with the EU General Data Protection Regulation (GDPR) from the implementation date on 25th May 2018. The GDPR introduces a number of...
GDPR – Data Breach requirements and notification regimes Recent high-profile data breaches demonstrate how critical it is to be ready to handle a breach. Advance planning will ensure you...
Getting prepared for the EU General Data Protection Regulation – review you data processor contracts The GDPR has a major impact on the responsibilities of both data controllers and...
How do database and marketing platforms change under the GDPR? The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. There are several ways in...
With less than a year to go until the EU General Data Protection Regulation is enforced, what do organisations need to do to ensure their marketing activities will be...
Handling individuals’ rights to control their data From its inception, the GDPR (which came into force on 25th May 2018) was designed to strengthen the privacy rights of EU...
Do you have a legal ground for processing personal data? You need one under the GDPR The General Data Protection Regulation (GDPR) came into force on 25 May 2018....
Who protects your data? How will your organisation govern itself? The General Data Protection Regulation (GDPR) became UK law on 25th May 2018. GDPR specifically highlights the requirement for...
The Data Protection Network has produced practical guides, which we hope you will find useful in your work in complying with the EU General Data Protection Regulation, which came...
The General Data Protection Regulation (GDPR) came into force on 25 May 2018, aiming to harmonise data protection rules across all EU member states. The UK Government has confirmed...
The General Data Protection Regulation (GDPR) replaced the Data Protection Directive on May 25, 2018. The GDPR contains a number of new protections for EU data subjects, introducing significant...
What profiling techniques do you use and what information do you need to provide to your customers? GDPR has a significant impact if your organisation undertakes profiling for the...
Can we help you comply with the GDPR? The new EU Regulation was implemented on 25th May 2018, bringing with it a swathe of new legislation. Data protection specialists...
At the DP Exchange in Edinburgh on 30th June 2016, there was no escaping the tumultuous events of Brexit. The message was clear from both Opt-4’s Rosemary Smith and...
What does a DPO do? Does your organisation need one? What skills and qualifications should a DPO have? Who should they report to? This report aims to answer these...
Obtaining Consent from Data Subjects in order to process their data has long been an area of ambiguity, open to broad interpretation across EU Member States. The GDPR certainly...
Under Europe’s General Data Protection Regulations (or “the GDPR”), Controllers and Processors are obliged to appoint Data Protection Officers (“DPOs”) in certain circumstances responsible for facilitating data protection compliance....
This guide aims to give you a better understanding of what a Privacy Impact Assessement is, why they are useful and when they should be conducted. WHAT IS A...
What key changes does the GDPR usher in. Find out how legacy UK data protection rules compare with the rules that came into force in May 2018 under the...
The much-anticipated General Data Protection Regulation has been hotly debated across Europe is now on the final stretch to becoming finalised. So what will it actually mean for you...
Draft Data Protection Regulation summary of main features The draft European Regulation on Data Protection is currently being debated in Europe. This is the first major overhaul of the...
Data protection advice from Opt-4
Opt-4 has been supporting clients on data protection for more than 15 years. We appreciate the challenges you face, and strive to deliver pragmatic and effective solutions, based on our in-depth specialist knowledge.
