CONTACT US 01312268200
  Law Firm of the Year Winner 002  NEWlaw AWARDS logo Winner20181
 
 
  Law Firm of the Year Winner 002  NEWlaw AWARDS logo Winner20181
 
 

Contact us

Invalid Input
Invalid Input
Invalid Input
Invalid Input
Invalid Input
You must confirm you have read and accept our Website Privacy Policy.
Invalid Input

Controller / Processor Contracts – what’s new?

Under the GDPR, both data controllers and data processors have compliance obligations and responsibilities. Processors for the first time have direct liability and may be subject to penalties and civil claims by data subjects for non-compliance with the terms of the GDPR. It is very important that controllers and processors clearly document their respective obligations and the GDPR creates a requirement for a contract to be in place between them, setting out specific terms that processor/controller agreements must contain, as a minimum. This aims to ensure that processors only carry out processing as agreed with the controller and always in...
Continue reading
  480 Hits
480 Hits

Data Protection Impact Assessments – what, when and why?

Screenshot 3
Screenshot 5
Screenshot 7
Screenshot 9
Screenshot 11
A new principle introduced by the GDPR is that of accountability. This requires data controllers to be able demonstrate their compliance and there are a number of ways that they can do this. Data Protection Impact Assessments (DPIAs) are one tool that under the GDPR must be used by organisations to identify and minimise the potential data protection risks of any new projects to be undertaken which involve the processing of personal data. Also key to GDPR is that organisations take a “data protection by default and design” approach to any activities involving data processing. DPIAs again help to achieve...
Continue reading
  717 Hits
717 Hits

How far does the GDPR reach…?

As we all know by now, the GDPR came into force on Friday 25 th May 2018. For businesses based in Europe with employees and customers in the EU, this means unavoidable change. Changes to the way personal data is processed, changes to information to be given to data subjects, changes to internal governance, changes to the culture surrounding data protection within the organisation.  But what about businesses who are not based within the EU? Does the GDPR apply to them? What about non EU-based organisations who sell only occasionally to the EU? Article 3 of the GDPR states that...
Continue reading
  581 Hits
581 Hits

Data Protection Act 2018

How we deal with data protection within the EU significantly changed on 25 th May 2018. The vast majority of the population are aware of the coming into force of the General Data Protection Regulation due to the abundance of emails in their inbox providing them with updated Privacy Policies or asking them for consent to use their personal data. However, less well publicised was the fact that on the same date, the UK’s Data Protection Act 2018 received the Royal Assent. So what does the Data Protection Act 2018 differ from the GDPR? Firstly, the GDPR has direct effect...
Continue reading
  636 Hits
636 Hits

US firm stalls in bid to recover debts bought from Clydesdale

imgID139263106.jpg.gallery.jpg
An American company that bought close to £1 billion of loans from Clydesdale Bank between 2015 and 2016 has failed in a second attempt to bankrupt a Scottish couple in a bid to call in their debt. The case relates to a loan that Barry and Susan Peart took out in 2007 in order to acquire and refurbish a new house. Promontoria, an entity owned by US firm Cerebus Capital Management, succeeded Clydesdale Bank as a creditor on that loan when it acquired the portfolio of debt from the bank. When the firm attempted to recover the debt, however, the...
Continue reading
  765 Hits
765 Hits