Tag Archives: GDPR

“None of Your Business” they said

On May 20, 2023, the European Data Protection Board (EDPB) fined Meta (formerly Facebook) €1.2 billion for violating the General Data Protection Regulation (GDPR) by continuing to transfer European user data to the United States without adequate safeguards in place. For more background on this case, read our articles; META behavioural advertising – Why itRead More

META & behavioural advertising. Why it should matter to you!

META, behavioural advertising & why it should matter to you beyond META.   It’s been a while since we checked in on the noyb case against META, and the developments, in this case, are well worth telling.   Firstly, describing a little digital marketing jargon and informing you about behavioural advertising is essential.   InRead More

Deal done? Not adequacy!

Buried in the Brexit deal text, a six-month maximum time limitation creates a data bridge for the gap between the end of the transition period and negotiations on a UK adequacy decision. What does this mean for your organisation?  The UK has suspended its’ own data protection laws for this interim period, so EU-GDPR lawsRead More

Privacy Shield inadequate (Schrems Deux)

Follow-up on “Should Privacy Shield be suspended” (Update August 2020): The Schrems 2 case ruling press release from the 16th July (Courts of Justice EU” CJEU” press release here https://curia.europa.eu/jcms/upload/docs/application/pdf/2020-07/cp200091en.pdf ), so what does it mean for your data? Firstly, the CJEU has ruled that your data, when used for commercial purposes, are subject to the sameRead More

No deal, not adequate

Over two years after the UK ratified the UK Data Protection Act 2018 and brought into law the EU General Data Protection Regulation, we face a new era of uncertainty.   Why I hear you say?  We spent all that time preparing for GDPR, what now?   Although the UK DPA 2018 is based uponRead More

A DPO for schools, SME’s and Charities

Most schools are too busy to give data protection their full attention. We have specialist data protection officers that are here to help! We also noticed that small businesses and charities do not have specialist data protection officers. We realise that the issue of compliance with data protection legislation can be daunting, and detract fromRead More

77% of charities named data loss as their biggest concern!

Previously. An astonishing 84% of UK small business owners and 43% of senior executives of large companies are not aware of the forthcoming GDPR – according to research-live.com. (1) The research has also revealed that 75% of data will be unusable following GDPR enforcement. According to w8data, only 25% of existing customer data meets the requirements of the GDPR. (2) That also appliesRead More

Responsibility: Personal or organisational?

  With new data protection laws coming into force, does this change the responsibility: Is it personal or organisational?  Is responsibility on the data controller or the data processor?   Ultimately, your organisation is responsible for the personal data it collects!  If you pass the information you have collected to a third party for processing,Read More

The Right(s)

Several areas within the GDPR1 concern rights of the individuals, most of which were included in the Data Protection Act (DPA2), which was based on an EU directive. The difference between EU directives and regulations is that “directives” set out goals for each member state to implement and adapt within their laws, whereas a “regulation” is a binding legislative act thatRead More

Retention of Data

“How long can we keep our data?”   Retaining data has always been a fragmented area of information security law. This article explores what personal data is, what constitutes processing data and for how long you should retain data, as it appears to be unclear within DPA and GDPR law!   First, a definition ofRead More


The murky world of “consent” is one of the next significant changes to evolve the data protection landscape.   Consent to store an individual’s data can get a little wordy.  It is filled with legal jargon and is also the area of the GDPR law that the ICO has stated will “be subject to theRead More

GDPR are you ready?

The media is awash with adverts about the EU General Data Protection Regulation; “Are you ready?”, because it is coming ready or not! What is the EU GDPR?” I hear you ask; the law itself is about Data Protection, and not as complicated as you might think, as it is a set of common-sense principles.Read More