CONTACT US 01312268200
  Law Firm of the Year Winner 002  NEWlaw AWARDS logo Winner20181
 
 
  Law Firm of the Year Winner 002  NEWlaw AWARDS logo Winner20181
 
 

Contact us

Invalid Input
Invalid Input
Invalid Input
Invalid Input
Invalid Input
You must confirm you have read and accept our Website Privacy Policy.
Invalid Input

Controller / Processor Contracts – what’s new?

Under the GDPR, both data controllers and data processors have compliance obligations and responsibilities. Processors for the first time have direct liability and may be subject to penalties and civil claims by data subjects for non-compliance with the terms of the GDPR. It is very important that controllers and processors clearly document their respective obligations and the GDPR creates a requirement for a contract to be in place between them, setting out specific terms that processor/controller agreements must contain, as a minimum.  This aims to ensure that processors only carry out processing as agreed with the controller and always in...
Continue reading
  461 Hits
461 Hits

Controller / Processor Contracts – what’s new?

Under the GDPR, both data controllers and data processors have compliance obligations and responsibilities. Processors for the first time have direct liability and may be subject to penalties and civil claims by data subjects for non-compliance with the terms of the GDPR. It is very important that controllers and processors clearly document their respective obligations and the GDPR creates a requirement for a contract to be in place between them, setting out specific terms that processor/controller agreements must contain, as a minimum. This aims to ensure that processors only carry out processing as agreed with the controller and always in...
Continue reading
  376 Hits
376 Hits

Data Protection Impact Assessments – what, when and why?

Screenshot 3
Screenshot 5
Screenshot 7
Screenshot 9
Screenshot 11
A new principle introduced by the GDPR is that of accountability. This requires data controllers to be able demonstrate their compliance and there are a number of ways that they can do this. Data Protection Impact Assessments (DPIAs) are one tool that under the GDPR must be used by organisations to identify and minimise the potential data protection risks of any new projects to be undertaken which involve the processing of personal data. Also key to GDPR is that organisations take a “data protection by default and design” approach to any activities involving data processing. DPIAs again help to achieve...
Continue reading
  551 Hits
551 Hits

How far does the GDPR reach…?

As we all know by now, the GDPR came into force on Friday 25 th May 2018. For businesses based in Europe with employees and customers in the EU, this means unavoidable change. Changes to the way personal data is processed, changes to information to be given to data subjects, changes to internal governance, changes to the culture surrounding data protection within the organisation.  But what about businesses who are not based within the EU? Does the GDPR apply to them? What about non EU-based organisations who sell only occasionally to the EU? Article 3 of the GDPR states that...
Continue reading
  469 Hits
469 Hits

Data Protection Act 2018

How we deal with data protection within the EU significantly changed on 25 th May 2018. The vast majority of the population are aware of the coming into force of the General Data Protection Regulation due to the abundance of emails in their inbox providing them with updated Privacy Policies or asking them for consent to use their personal data. However, less well publicised was the fact that on the same date, the UK’s Data Protection Act 2018 received the Royal Assent. So what does the Data Protection Act 2018 differ from the GDPR? Firstly, the GDPR has direct effect...
Continue reading
  521 Hits
521 Hits